Thunderbird Issues after latest Microsoft certificate
After receiving the latest DigiCert Global Root G2 certificate from MicroSoft, as it relates to InTune, we received pop-ups from Thunderbird and Mac Mail clients on OSX and iOS that states “You are about to override how Thunderbird identifies this site. Legitimate banks, stores, and other publice sites will not ask you for this information:
Location: outlook.office365.com:993 “Get Certificate” This site attempts to identify itself with invalid information. “View” Wrong Site The certificate belongs to a different site, which could mean that someone is trying to impersonate this site. “Permanently store this exception” “Confirm Security Exception” “Cancel”.
We took the “Cancel” Option and imported the new DigiCert Global Root G2” certificate from MicroSoft and restarted Thunderbird in OSX and Mail in iOS. After restarting the pop-ups discontinued, until it resurfaced again a couple of days later. Once the app was restarted or the client rebooted, the pop-ups stopped again but again, resurfaced after a few days. The Thunderbird release this happened with was V.68. Upgrading to the latest appears to have fixed the issue with the pop-ups, but broke Enigmail add-ons for encryption.
Questions: 1. Has anyone else experienced this issue and if so, without having to upgrade Thunderbird? 2. Does anyone know what are the ramifications of accepting and storing this certificate listed in the pop-up, if the site listed is the correct site, listed above?
Todas las respuestas (1)
After receiving the latest DigiCert Global Root G2 certificate from MicroSoft
Why would you want to get a Digicert root certificate from Microsoft? Beats me.
The DigiCert Global Root G2 certificate is already in the Thunderbird 78 certificate store, SHA-256 fingerprint is CB:3C:CB:B7:60:31:E5:E0:13:8F:8D:D3:9A:23:F9:DE:47:FF:C3:5E:43:C1:14:4C:EA:27:D4:6A:5A:B1:CB:5F. I don't know about Thunderbird 68.
Location: outlook.office365.com:993
That's the server your Thunderbird is trying to connect to.
The certificate belongs to a different site, which could mean that someone is trying to impersonate this site.
Press “View” and inspect the cert. Who's the issuer of the cert? What's the subject information of the cert? Please post a screenshot of the Certificate Viewer window with that information visible. https://support.mozilla.org/kb/how-do-i-create-screenshot-my-problem
Upgrading to the latest appears to have fixed the issue with the pop-ups, but broke Enigmail add-ons for encryption.
TB 78 did not break Enigmail, there simply is no Enigmail add-on anymore. Thunderbird uses it's own OpenPGP implementation now. https://support.mozilla.org/kb/openpgp-thunderbird-howto-and-faq